        /// <summary>
        /// Wraps the stored OTP secret (m_pbSecret) under the HOTP values it will itself
        /// produce, writing one encrypted copy per look-ahead offset (0..m_uLookAhead)
        /// into m_lSecrets.
        /// </summary>
        /// <remarks>
        /// The OTPs are generated from m_pbSecret starting at m_uCounter; only a local copy
        /// of the counter is advanced, the member is left untouched. The legacy single-
        /// ciphertext fields (m_strEncSecret, m_strEncIV, m_strTrfKey, m_uTrfRounds) are
        /// reset so a stale pre-look-ahead record cannot coexist with the new list.
        /// NOTE(review): the meaning of the trailing <c>false, -1</c> arguments to
        /// HmacOtp.Generate is not visible here — confirm against its definition.
        /// </remarks>
        /// <exception cref="InvalidOperationException">m_pbSecret has not been set.</exception>
        public void EncryptSecret()
        {
            if (m_pbSecret == null)
            {
                throw new InvalidOperationException();
            }

            // Enough OTPs for one unlock plus one extra per look-ahead slot.
            string[] otps = new string[m_uOtpsReq + m_uLookAhead];
            ulong    ctr  = m_uCounter;
            for (int n = 0; n < otps.Length; ++n)
            {
                otps[n] = HmacOtp.Generate(m_pbSecret, ctr + (ulong)n,
                                           m_uOtpLength, false, -1);
            }

            // Clear the legacy (< v2.0) representation.
            m_strEncSecret = string.Empty;
            m_strEncIV     = string.Empty;
            m_strTrfKey    = string.Empty;
            m_uTrfRounds   = DefaultTrfRounds;

            // Slot iOff is wrapped under the OTP window that starts iOff counters ahead,
            // so a client that has skipped up to m_uLookAhead OTPs can still unlock.
            int cSlots = (int)m_uLookAhead + 1;
            m_lSecrets.Clear();
            for (int iOff = 0; iOff < cSlots; ++iOff)
            {
                m_lSecrets.Add(OtpUtil.EncryptSecret(m_pbSecret, otps, iOff,
                                                     (int)m_uOtpsReq));
            }
        }
        /// <summary>
        /// Unwraps the secret held in <paramref name="d"/> with the key derived from the
        /// given OTP window, then checks it against the stored transformed plaintext hash.
        /// </summary>
        /// <param name="d">Encrypted record: ciphertext, IV, transformation key/rounds,
        /// plaintext-hash transformation key/rounds and the transformed plaintext hash.</param>
        /// <param name="vOtps">OTP strings collected from the user.</param>
        /// <param name="iOtpsOffset">Index of the first OTP used for key derivation.</param>
        /// <param name="iOtpsCount">Number of OTPs used for key derivation.</param>
        /// <returns>The decrypted secret, or null when the plaintext hash does not match
        /// (wrong OTPs, wrong window offset, or a tampered record).</returns>
        /// <exception cref="ArgumentNullException"><paramref name="d"/> is null.</exception>
        /// <remarks>
        /// DecryptData is not shown to authenticate the ciphertext itself; the transformed
        /// plaintext hash is the only correctness/integrity check applied here.
        /// NOTE(review): whether MemUtil.ArraysEqual is constant-time is not visible —
        /// if it short-circuits, a fixed-time comparison would be the safer choice.
        /// </remarks>
        private static byte[] DecryptSecretPriv(OtpEncryptedData d, string[] vOtps,
                                                int iOtpsOffset, int iOtpsCount)
        {
            if (d == null)
            {
                throw new ArgumentNullException("d");
            }

            // OTP window + stored transformation key/rounds -> 32-byte wrapping key.
            byte[] pbKey32 = OtpUtil.KeyFromOtps(vOtps, iOtpsOffset, iOtpsCount,
                                                 Convert.FromBase64String(d.TransformationKey),
                                                 d.TransformationRounds);

            byte[] pbPlain = OtpUtil.DecryptData(d.CipherText, pbKey32,
                                                 Convert.FromBase64String(d.IV));

            // Recompute the transformed hash of what we just decrypted and compare it with
            // the value recorded at encryption time.
            byte[] pbActual = HashAndTransform(pbPlain,
                                               Convert.FromBase64String(d.PlainTextHashTransformationKey),
                                               d.PlainTextHashTransformationRounds);
            byte[] pbExpected = Convert.FromBase64String(d.PlainTextHash);

            bool bMatch = MemUtil.ArraysEqual(pbActual, pbExpected);
            return bMatch ? pbPlain : null;
        }
        /// <summary>
        /// Wraps <paramref name="pbSecret"/> under a key derived from a window of OTPs and
        /// returns a record holding everything needed to unwrap and verify it later.
        /// </summary>
        /// <param name="pbSecret">Secret bytes to protect.</param>
        /// <param name="vOtps">OTP strings the wrapping key is derived from.</param>
        /// <param name="iOtpsOffset">Index of the first OTP in the window.</param>
        /// <param name="iOtpsCount">Number of OTPs in the window.</param>
        /// <returns>A record with the IV, the key-transformation key, the ciphertext, the
        /// plaintext-hash transformation key and the transformed plaintext hash, all
        /// Base64-encoded; the two round counts keep the record's default values.</returns>
        /// <remarks>
        /// The IV and both transformation keys are fresh CryptoRandom values that travel
        /// with the ciphertext; they act as salts, not secrets — the OTPs are the only
        /// secret input. NOTE(review): the stored plaintext hash is what lets the
        /// decryptor verify the key, but it also lets anyone holding the record test
        /// candidate OTP windows offline; the KeyFromOtps/HashAndTransform rounds are the
        /// only brake on that — confirm they are sized accordingly.
        /// </remarks>
        public static OtpEncryptedData EncryptSecret(byte[] pbSecret, string[] vOtps,
                                                     int iOtpsOffset, int iOtpsCount)
        {
            CryptoRandom     rng = CryptoRandom.Instance;
            OtpEncryptedData rec = new OtpEncryptedData();

            // Fresh IV and key-transformation salt per record.
            byte[] pbIV      = rng.GetRandomBytes(16);
            byte[] pbKdfSalt = rng.GetRandomBytes(32);
            rec.IV                = Convert.ToBase64String(pbIV);
            rec.TransformationKey = Convert.ToBase64String(pbKdfSalt);

            // Derive the wrapping key from the OTP window using the record's default rounds.
            byte[] pbWrapKey = OtpUtil.KeyFromOtps(vOtps, iOtpsOffset, iOtpsCount,
                                                   pbKdfSalt, rec.TransformationRounds);
            rec.CipherText = OtpUtil.EncryptData(pbSecret, pbWrapKey, pbIV);

            // Separate salt for the plaintext hash so it cannot be related to the wrapping key.
            byte[] pbHashSalt = rng.GetRandomBytes(32);
            rec.PlainTextHashTransformationKey = Convert.ToBase64String(pbHashSalt);
            rec.PlainTextHash = Convert.ToBase64String(
                HashAndTransform(pbSecret, pbHashSalt, rec.PlainTextHashTransformationRounds));

            return rec;
        }
        /*
         * private static byte[] Open(KeyProviderQueryContext ctx, OtpInfo otpInfo)
         * {
         *      if(otpInfo.Type != ProvType)
         *      {
         *              MessageService.ShowWarning("Unknown OTP generator type!");
         *              return null;
         *      }
         *
         *      OtpKeyPromptForm dlg = new OtpKeyPromptForm();
         *      dlg.InitEx(otpInfo, ctx);
         *      if(UIUtil.ShowDialogAndDestroy(dlg) != DialogResult.OK)
         *              return null;
         *
         *      if(!CreateAuxFile(otpInfo, ctx)) return null;
         *      return otpInfo.Secret;
         * }
         * */

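        /// <summary>
        /// Populates <c>otpInfo.Secret</c>: directly from <paramref name="secret"/> when it
        /// parses in format <paramref name="fmt"/> (Hex when null), otherwise by unwrapping
        /// the stored encrypted secret with the OTPs in <paramref name="lOtps"/>.
        /// </summary>
        /// <param name="otpInfo">Record holding the stored (encrypted) secret; updated in place,
        /// including its counter, on success.</param>
        /// <param name="lOtps">OTPs entered by the user; only consulted when
        /// <paramref name="secret"/> does not parse.</param>
        /// <param name="secret">Secret entered directly; a value that does not parse falls
        /// back to the OTP path.</param>
        /// <param name="fmt">Encoding of <paramref name="secret"/>; defaults to Hex.</param>
        /// <exception cref="ArgumentNullException"><paramref name="otpInfo"/> is null, or
        /// <paramref name="lOtps"/> is null when the OTP path is needed.</exception>
        /// <exception cref="InvalidOperationException">Key derivation or decryption failed,
        /// the record has no stored secret in either format, or no look-ahead entry matched
        /// the entered OTPs.</exception>
        /// <remarks>
        /// Based on the code in OtpKeyPromptForm.cs. Improvements over the previous version:
        /// explicit null guards instead of NullReferenceException, the OTP list is
        /// materialised once instead of once per look-ahead entry, and a missing
        /// look-ahead list is reported as InvalidOperationException.
        /// </remarks>
        public void SetSecret(OtpInfo otpInfo, List <string> lOtps, string secret, OtpDataFmt?fmt)
        {
            if (otpInfo == null)
            {
                throw new ArgumentNullException("otpInfo");
            }

            byte[] pbSecret = EncodingUtil.ParseKey(secret, fmt ?? OtpDataFmt.Hex);
            if (pbSecret != null)
            {
                otpInfo.Secret = pbSecret;
                return;
            }

            if (lOtps == null)
            {
                throw new ArgumentNullException("lOtps");
            }
            // Materialise once; both branches below derive the key from the same array.
            string[] vOtps = lOtps.ToArray();

            if (!string.IsNullOrEmpty(otpInfo.EncryptedSecret))             // < v2.0
            {
                byte[] pbKey32 = OtpUtil.KeyFromOtps(vOtps, 0, vOtps.Length,
                                                     Convert.FromBase64String(otpInfo.TransformationKey),
                                                     otpInfo.TransformationRounds);
                if (pbKey32 == null)
                {
                    throw new InvalidOperationException();
                }

                pbSecret = OtpUtil.DecryptData(otpInfo.EncryptedSecret, pbKey32,
                                               Convert.FromBase64String(otpInfo.EncryptionIV));
                if (pbSecret == null)
                {
                    throw new InvalidOperationException();
                }

                // NOTE(review): the legacy record carries no plaintext hash, so wrong OTPs
                // cannot be detected here and yield a garbage secret rather than an error.
                otpInfo.Secret   = pbSecret;
                otpInfo.Counter += (ulong)otpInfo.OtpsRequired;
            }
            else             // >= v2.0, supporting look-ahead
            {
                if (otpInfo.EncryptedSecrets == null)
                {
                    throw new InvalidOperationException();
                }

                // Entry i was wrapped under the OTP window starting i counters ahead; the
                // counter is advanced by that offset on top of the OTPs consumed. DecryptSecret
                // is expected to return null when the stored plaintext hash does not match
                // (presumably via DecryptSecretPriv), so the first non-null result wins.
                for (int i = 0; i < otpInfo.EncryptedSecrets.Count; ++i)
                {
                    pbSecret = OtpUtil.DecryptSecret(otpInfo.EncryptedSecrets[i], vOtps,
                                                     0, vOtps.Length);
                    if (pbSecret == null)
                    {
                        continue;
                    }

                    otpInfo.Secret   = pbSecret;
                    otpInfo.Counter += (ulong)otpInfo.OtpsRequired + (ulong)i;
                    return;
                }

                throw new InvalidOperationException();
            }
        }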